CVE-2026-9095 – Casdoor
“Identity platforms become critical business risks when multiple security gaps accumulate across authentication and access workflows.”
Casdoor released patches for four vulnerabilities affecting the platform. CVE-2026-9090 has a CVSS score of 9.1, which is Critical severity. CVE-2026-9091 has a CVSS score of 5.3, which is Medium severity. CVE-2026-9092 has a CVSS score of 9.1, which is Critical severity. CVE-2026-9095 has a CVSS score of 8.1, which is High severity.
The update addresses multiple security weaknesses across affected Casdoor deployments. Two vulnerabilities are rated Critical severity and could significantly impact the security of authentication and identity management operations if left unpatched. The fixes strengthen platform security controls and reduce exposure across user access and identity workflows.
Key Details
- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-294